(Effective Date: January 15th, 2025) Version 2.0
DesireLand is committed to preserve and secure the Privacy of its Users. This privacy policy, effective as of January 15th, 2025, applies to the DesireLand mobile application, both of which are owned and operated by Santosh Software Technologies ("The Company" or "We" or "Data Fiduciary"). This privacy policy describes how we collect and use the personal information users ("Members" or "you" or "Data Principal") provide on our mobile application (together, "DesireLand"). It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
This Privacy Policy is an electronic record in the form of an electronic contract formed under the Information Technology Act, 2000 and the rules made thereunder, the Digital Personal Data Protection Act, 2023 (DPDP Act), and the Digital Personal Data Protection Rules, 2025 (DPDP Rules), and the amended provisions pertaining to electronic documents / records in various statutes as amended by the Information Technology Act, 2000. This Privacy Policy does not require any physical, electronic or digital signature.
This Privacy Policy is a legally binding document between you and Santosh Software Technologies. The terms of this Privacy Policy will be effective upon your acceptance of the same (directly or indirectly in electronic form, by signing in the app) and will govern the relationship between you and Santosh Software Technologies for your use of the App.
This document is published and shall be construed in accordance with the provisions of:
(a) The Information Technology (reasonable security practices and procedures and sensitive personal data of information) rules, 2011 under Information Technology Act, 2000;
(b) The Digital Personal Data Protection Act, 2023 (DPDP Act);
(c) The Digital Personal Data Protection Rules, 2025 (DPDP Rules);
that require publishing of the Privacy Policy for collection, use, storage and transfer of sensitive personal data or information.
DPDP Act Compliance: This Privacy Policy is designed to comply with the Digital Personal Data Protection Act, 2023 and the Digital Personal Data Protection Rules, 2025. As a Data Fiduciary, we are committed to processing your personal data in accordance with the principles of lawfulness, fairness, purpose limitation, data minimization, accuracy, storage limitation, and accountability as mandated under the DPDP Act.
Please read this Privacy Policy carefully. By using the App, you indicate that you understand, agree and consent to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use this App.
Consent Requirements (DPDP Act Compliance): By providing us your Information or by making use of the facilities provided by the App, You hereby provide your consent which is:
(a) Freely given - You have the choice to provide or withhold consent without coercion;
(b) Specific - Consent is provided for clearly defined purposes as stated in this policy;
(c) Informed - You have been provided with clear information about what data is collected and how it will be used;
(d) Unambiguous - Your consent is clear and explicit through your use of the App;
(e) Withdrawable - You have the right to withdraw your consent at any time as described in this policy.
You hereby consent to the collection, storage, processing and transfer of any or all of Your Personal Information and Non-Personal Information by us as specified under this Privacy Policy. You further agree that such collection, use, storage and transfer of Your Information shall not cause any loss or wrongful gain to you or any other person.
Inform - We inform our Members that their data is being collected and about how it will be used.
Option - We give our Members the ability to opt out of the collection of data and forward transfer of the data to third parties.
Onward Transfer - Transfers of data to third parties may only occur to other organizations that follow adequate data protection principles.
Security - We undertake reasonable efforts to prevent loss of collected information.
Data Integrity - We represent that the collected data is relevant and reliable for the purpose it was collected for.
Access - We provide our Members to access information held about them, and respect their right to correct or delete that data if it is inaccurate.
Enforcement - The present Privacy Policy informs our Members of their rights and how to exercise their rights.
In DesireLand you will setup your personal profile with the details you wish to provide and then do searches for matches after that you will send messages. In DesireLand we collect your personal information, age, sex, email, name, password, occupation, gender, state, city, physical description, photos, marital status, sexual orientation, sexual preference in order to provide you matches as service. We don't allow search engines to find out your data. We keep your photos, chats and ip address that you use while using our Services.
We collect your GPS/Location data at the start in order to provide you better matchmaking results.
Some of the information you choose to provide when you register, update, or modify your account is considered "sensitive" or "special" data (for instance, your sexual preferences, sexual activities). Because you voluntarily share this information when your register for your account or share it through the Service, you are freely consenting to our processing of that information.
We will send you strictly service-related announcements on rare occasions when it is necessary to do so.
We will occasionally send you information on products, services, special deals, promotions. Out of respect for your privacy, we present the option not to receive these types of communications. Please see the "Opt-out" section below.
We save your personal informations like email address and demographic informations such as your city, state, your age, your gender on our servers. We do not sell or transfer this information with others.
DesireLand needs your personal information to provide a high quality service. Your provided informations (your username, preferences, age, sex ) enables DesireLand to provide you with a personalized environment, and allow other members to find you through our advanced search. We do not store any payment related personal informations on our side. We retain details of your specific product purchases and transactions, interests or preferences. We may collect non-personal information about how Members navigate through the app/site.
Payment Processing:
1. Payment Processing:
(a) We use Google payment gateway exclusively
(b) Payment information is stored on Google's end
(c) We do not store payment information
DesireLand may disclose your Personal Data in the good faith belief that such action is necessary to:
Age Restriction: DesireLand is strictly prohibited for individuals below 18 years of age. We do not knowingly collect, process, or store personal data from individuals under 18 years of age.
Verifiable Parental Consent (DPDP Act Requirement): In accordance with the Digital Personal Data Protection Act, 2023, if we become aware that we have collected personal data from an individual under 18 years of age, we will:
(a) Immediately cease processing such data;
(b) Delete all personal data collected from such individual;
(c) Notify the Data Protection Board of India (DPBI) if required;
(d) Take appropriate measures to prevent future collection from such individuals.
Age Verification: By using our services, you represent and warrant that you are at least 18 years of age. If you are a parent or guardian and believe your child under 18 has provided us with personal data, please contact us immediately at support@desireland.app. We will take immediate steps to delete such information.
If we discover that personal data has been collected from an individual below 18 years of age without verifiable parental consent, we will delete such data immediately and take measures to prevent recurrence.
Our servers are located in India. DesireLand members do understand that, in order to receive our Services, The members have to provide some Personal Data By providing any Personal Information to DesireLand, all Members, including, without limitation, fully understand and unambiguously consent to this Privacy Policy and to the transfer of such Personal Information across international borders in accordance with DesireLand's standard operations, including the collection.
Photos and Image Information
At DesireLand, we prioritize your privacy and security, especially when it comes to handling your photos. Here's an overview of our practices:
Profile Images and Photo Gallery: Your uploaded photos, which are used to personalize your profile and enhance your experience, are stored securely on Amazon Web Services (AWS), a third-party cloud storage provider. These images are crucial for improving your chances of finding the right match and are accessible only within the DesireLand platform.
Chat: Photos shared in chat enhance your conversations and help build connections. Like your profile images, these are also securely stored on AWS to ensure their privacy and integrity.
Security and Privacy:
Third-Party Storage: By utilizing AWS for photo storage, we ensure high levels of security and reliability. AWS is known for its robust data protection measures, safeguarding your photos from unauthorized access or breaches.
Data Protection Measures: Our team employs additional security measures to protect your images, including encryption in transit and at rest, to prevent unauthorized access.
Control and Consent: You maintain control over your photos. You can manage your images within your profile and chats, including adding, changing, or removing them as you see fit.
Sharing and Disclosure:
Limited Sharing: We only share your photos with AWS for storage purposes. No other third parties have access to your images without your explicit consent, except as necessary to provide DesireLand's services or comply with legal obligations.
Visibility: Your photos are not accessible to search engines and are only visible to DesireLand users, in accordance with your privacy settings and the intended use within the app.
We are committed to ensuring the privacy and security of your photos as part of our service.
All data collected through the app, including but not limited to personal information, photos, chat messages, and other user-generated content, is securely uploaded and stored on our servers hosted at the desireland.app domain. We utilize this domain to ensure the privacy and security of your data, employing state-of-the-art security measures to protect against unauthorized access, disclosure, alteration, or destruction of your personal information.
By using the app platform, you consent to the collection, storage, and use of your information as outlined in our privacy practices. We are committed to maintaining the highest standards of data protection and ensuring that your personal details are handled with care and respect.
We collect your GPS/Location data at the start in order to provide you better matchmaking results.
Your all information is very important to us. DesireLand uses various technical and management practices to help protect your confidentiality, security and integrity of the information you share with us.
Nothing in this Policy limits your statutory rights or our obligations under the DPDP Act.
Data Storage, Security, and Loss Disclaimer:
While we follow generally accepted standards to protect your personal information, you explicitly acknowledge and agree that:
1. Data Security Limitations:
(a) No method of transmission over the Internet or electronic storage is 100% secure
(b) We cannot and do not guarantee absolute security of your data
(c) We are not responsible for any interception or interruption of communications
2. Data Loss and Technical Issues:
(a) We explicitly disclaim ALL responsibility and liability for:
- Any loss of data due to technical failures
- Server outages or malfunctions
- Database corruption or errors
- Backup failures or data corruption
- Network or connectivity issues
- Software bugs or system errors
- Hardware failures or maintenance
- Any other technical issues causing data loss
(b) You acknowledge that data loss can occur for various technical reasons
(c) You are solely responsible for maintaining your own backups
(d) We do not guarantee the preservation, integrity, or recovery of any data
3. System Maintenance and Updates:
(a) We may perform system maintenance or updates at any time
(b) These operations may result in temporary or permanent data loss
(c) We are not liable for any consequences of such maintenance
(d) We are not obligated to provide advance notice of maintenance
By using our services, you explicitly accept these risks and limitations. If you have questions about security, contact us via app support or support@desireland.app, but please note that such inquiries do not alter these disclaimers.
When you register your profile, you may use a pseudonym for username, indicate the city where you live and provide a description of yourself and of your preferences. We never collect your real name for maintaning anonymity, but please be cautious that some informations or materials that you post (for example, personal pictures) on our app may identify you.
Data Security and Breach Notification (DPDP Act Compliance): While we implement reasonable security measures, you explicitly acknowledge and agree that: (a) No data transmission or storage system is 100% secure; (b) We make no guarantees regarding the security of your data; (c) You use our services and transmit data at your own risk.
Data Breach Notification Requirements (DPDP Rules): In the event of a data breach that may cause harm to Data Principals, we will:
(a) Notify the Data Protection Board of India (DPBI) without undue delay, and normally within 72 hours of becoming aware of the breach;
(b) Notify affected Data Principals (you) promptly, providing:
- Details of the breach and nature of personal data affected;
- Potential consequences of the breach;
- Remedial measures being taken or proposed;
- Contact information for further inquiries;
(c) Maintain records of all data breaches for audit and compliance purposes;
(d) Take immediate remedial measures to contain and mitigate the breach.
Security Measures: We implement technical and organizational measures to protect your personal data, including:
(a) Encryption of data in transit and at rest;
(b) Access controls and authentication mechanisms;
(c) Regular security assessments and audits;
(d) Activity logging and monitoring;
(e) Secure data storage on AWS infrastructure;
(f) Regular backups and disaster recovery procedures.
Liability Limitations: While we will comply with mandatory breach notification requirements under the DPDP Act, you acknowledge that: (a) We shall not be liable for any direct, indirect, incidental, special, or consequential damages resulting from any unauthorized access, use, or disclosure of your information unless such incidents result from our gross negligence or willful misconduct; (b) Our maximum liability for any data security incident shall not exceed the amount paid by you to us in the 3 months preceding the incident or ₹5,000, whichever is less, subject to applicable law.
We transmit data using SSL transmission method for extra security of your information. We collect and transmit your data to https://desiredatings.app which is our server end point. This server is secured with SSL.
Retention Period: In accordance with the Digital Personal Data Protection Rules, 2025, we will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law.
Data Retention Policy: We generally retain personal data for up to three (3) years after the last user interaction, unless a longer or shorter period is required by law, necessary for fraud-prevention, security, or legal claims. Personal data may be retained longer if:
(a) Retention is required for compliance with legal obligations;
(b) Retention is necessary for establishment, exercise, or defense of legal claims;
(c) You have provided explicit consent for extended retention;
(d) The data is required for legitimate business purposes that cannot be fulfilled through anonymization.
48-Hour Advance Notice: Before deleting your personal data in accordance with our retention policy, we will provide you with a 48-hour advance notice via:
(a) Email (if you have provided an email address);
(b) In-app notification;
(c) SMS (if you have provided a phone number).
This notice will inform you that your data will be deleted and provide you with the option to:
- Reactivate your account to prevent deletion;
- Request a copy of your data before deletion;
- Confirm deletion if you no longer wish to use our services.
Account Deletion: If you choose to delete your account, you can do so by clicking "Delete my account" on the app sidebar. Upon account deletion:
(a) Your personal data will be marked for deletion;
(b) You will receive a confirmation of deletion request;
(c) Data will be permanently deleted within 30 days, subject to legal retention requirements;
(d) Some anonymized data may be retained for analytics and legal compliance purposes.
Processing Logs Retention: In accordance with DPDP Rules, we maintain processing logs of all data processing activities. Processing logs are retained for at least one (1) year and may be retained longer if required for legal compliance or security purposes.
IP Address and Activity Logging: We log your IP address and activity data on our server to maintain a healthy user experience, prevent fraud, and ensure security. These logs are retained in accordance with our processing logs retention policy and legal requirements.
Pursuant to California Civil Code Section 1798.83, a California resident who has provided Personal Information to a business with whom he/she has established a business relationship for personal, family, or household purposes ("California Customer") is entitled to request information about whether the business has disclosed Personal Information to any third parties for the third parties' direct marketing purposes. In general, if the business has made such a disclosure of Personal Information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom Personal Information was disclosed in the preceding calendar year, as well as a list of the categories of Personal Information that were disclosed.
However, under the law, a business is not required to provide the above-described lists if the business adopts and discloses to the public (in its privacy policy) a policy of not disclosing customer's Personal Information to third parties for their direct marketing purposes unless the customer first affirmatively agrees to the disclosure, as long as the business maintains and discloses this policy. Rather, the business may comply with the law by notifying the customer of his or her right to prevent disclosure of Personal Information and providing a cost free means to exercise that right.
As stated in this Privacy Policy, we do not share information with third parties for their direct marketing purposes unless you affirmatively agree to such disclosure -- typically by opting in to receive information from a third party that is participating in some activity describes on our site. If you do ask us to share your information with a third party for its marketing purposes, we will only share information in connection with that specific activity, as we do not share information with any third party on a continual basis. To prevent disclosure of your Personal Information for use in direct marketing by a third party, do not opt in to such use when you provide Personal Information on our site. Please note that whenever you opt in to receive future communications from a third party, your information will be subject to the third party's privacy policy. If you later decide that you do not want that third party to use your information, you will need to contact the third party directly, as we have no control over how third parties use information. You should always review the privacy policy of any party that collects your information to determine how that entity will handle your information.
Under the Digital Personal Data Protection Act, 2023, you have the following rights regarding your personal data:
1. Right to Access: You have the right to obtain a summary of your personal data being processed by us, including:
(a) The categories of personal data collected;
(b) The purposes for which it is being processed;
(c) The identities of Data Fiduciaries and Data Processors with whom your data is shared;
(d) The period for which your data will be retained.
To exercise this right, please contact us at support@desireland.app with the subject "Data Access Request".
2. Right to Correction and Erasure: You have the right to:
(a) Correct inaccurate or incomplete personal data;
(b) Update your personal data;
(c) Request erasure of your personal data, subject to legal retention requirements.
You can update most of your personal data directly through the app. For erasure requests, please contact us at support@desireland.app.
3. Right to Grievance Redressal: You have the right to register a grievance with us regarding the processing of your personal data. We will:
(a) Acknowledge your grievance within 7 days;
(b) Resolve your grievance within 30 days (or inform you of the extended timeline);
(c) Provide a clear explanation of the resolution.
4. Right to Nominate: You have the right to nominate another individual to exercise your rights under the DPDP Act in the event of your death or incapacity. To nominate someone, please contact us at support@desireland.app.
5. Right to Withdraw Consent: You have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. However, withdrawal may result in:
(a) Inability to use certain features of the app;
(b) Termination of your account if consent is required for core services.
6. Right to Data Portability: Upon request, we will provide your personal data in a structured, commonly used, and machine-readable format, where technically feasible.
Data Fiduciary: All the DesireLand App Services are currently provided and regulated by Santosh Software Technologies. Santosh Software Technologies acts as the Data Fiduciary and is responsible for the collection, storage, and processing of personal information of the Users in accordance with the DPDP Act.
Data Processors: We may engage third-party service providers (Data Processors) to assist in processing your personal data. These include:
(a) Amazon Web Services (AWS) - for cloud storage and hosting services;
(b) Google Payment Gateway - for payment processing;
(c) Other service providers as necessary for app functionality.
All Data Processors are contractually bound to maintain the same level of data protection as required under the DPDP Act.
Cross-Border Data Transfers: Your data may be processed or stored on servers located inside or outside India (e.g., AWS). All transfers comply with DPDP guidelines.
Contact Information: For any queries regarding data processing, please contact:
Santosh Software Technologies
Address: Simla Ghoshpara, Serampore-3, Hooghly, India
Email: support@desireland.app
If we decide to change our privacy practices, we will post those changes to this privacy policy, the home page, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
Notification of Material Changes: In accordance with DPDP Act requirements, if we make any material changes to this Privacy Policy that affect how we process your personal data, we will:
(a) Notify you via email (if provided by you) at least 30 days before the changes take effect;
(b) Display a prominent notice in the app;
(c) Update the effective date and version number of this policy;
(d) Obtain your fresh consent if the changes require new consent under the DPDP Act.
Continued Use: Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, you may withdraw your consent and discontinue using our services.
We reserve the right to modify this privacy policy at any time, so please review it frequently. The current version of this policy is always available in the app and on our website.
Grievance Officer: In the event you have any grievance relating to the processing of Information provided by you, you may contact our Grievance Officer at support@desireland.app. We will respond to your grievance in accordance with the timelines specified under the DPDP Act.
Data Protection Board of India (DPBI): If you are not satisfied with the resolution of your grievance, you have the right to file a complaint with the Data Protection Board of India (DPBI) in accordance with the DPDP Act.
Response Timeline: We will acknowledge your grievance within 7 days and resolve it within 30 days, or inform you of the extended timeline if resolution requires more time.
However, please note that submitting a grievance does not waive any of the liability limitations or disclaimers stated above, except as required by applicable law.
Santosh Software Technologies
Address: Simla Ghoshpara, Serampore-3, Hooghly, India
Email: support@desireland.app